Researchers shed light on hacking group ToddyCat's latest arsenal of tools. Designed for data theft, their tactics are more advanced than ever.

Find details here: https://thehackernews.com/2023/10/researchers-unveil-toddycats-new-set-of.html

A new cyber campaign targets EU military & political leaders focusing on gender equality. The cyber collective behind it blurs lines between financial and espionage motives.

Learn more: https://thehackernews.com/2023/10/new-peapod-cyberattack-campaign.html

🔐 Big news! Microsoft plans to phase out the '90s NT LAN Manager (NTLM) in favor of a stronger focus on Kerberos for authentication in Windows 11.

Learn more: https://thehackernews.com/2023/10/microsoft-to-phase-out-ntlm-in-favor-of.html

🚨 EtherHiding — New threat detected!

Malicious actors are using Binance's Smart Chain (BSC) contracts to host malicious code and serve it on compromised WordPress sites to distribute malware.

Learn more: https://thehackernews.com/2023/10/binances-smart-chain-exploited-in-new.html

🔒 Signal has refuted viral reports of a zero-day flaw in its encrypted messaging app. After thorough investigation, the company found no evidence to support the claim.

Find details here: https://thehackernews.com/2023/10/signal-debunks-zero-day-vulnerability.html

Discover the dangerous capabilities of SpyNote, an Android banking trojan. It records audio, logs keystrokes, SMS messages, and captures screenshots without detection.

Find out more about this invasive spyware: https://thehackernews.com/2023/10/spynote-beware-of-this-android-trojan.html

SaaS Security breaches often stem from misconfigured settings. Learn how 'SaaS Security on Tap' video series tackles the key concepts.

Watch them here: https://thehackernews.com/2023/10/the-fast-evolution-of-saas-security.html

🚨 WinRAR users, be alert! Pro-Russian hackers exploited a recent vulnerability (CVE-2023-38831) in the software. Ensure your version is updated!

Read details: https://thehackernews.com/2023/10/pro-russian-hackers-exploiting-recent.html

🚨 Cisco alerts about a critical UNPATCHED zero-day security vulnerability (CVE-2023-20198) in its IOS XE software that's under active exploitation.

Learn more: https://thehackernews.com/2023/10/warning-unpatched-cisco-zero-day.html

Ukraine's CERT-UA discovered threat actors targeting 11 telecom providers between May and September 2023. The attacks caused service interruptions, and they used programs called POEMGATE and POSEIDON to control telecom hosts.

Learn more: https://thehackernews.com/2023/10/cert-ua-reports-11-ukrainian-telecom.html

🚨 Vulnerabilities Alert — Milesight's industrial routers risk unauthorized web interface access, while Titan MFT and Titan SFTP servers face remote superuser threats.

Find details here: https://thehackernews.com/2023/10/experts-warn-of-severe-flaws-affecting.html

🔒 Ransomware attacks are evolving rapidly.

From new evasion techniques to targeting high-income organizations, find out how they're adapting in Cyble's Q3 Ransomware Report:

Read: https://thehackernews.com/2023/10/ransomware-attacks-doubled-year-on-year.html

🚨 Alert — Two critical vulnerabilities in open-source CasaOS personal cloud software could allow attackers to gain full control of your system.

Find details here: https://thehackernews.com/2023/10/critical-vulnerabilities-uncovered-in.html

🕵️‍♂️ Nation-state hackers are turning to Discord. Discover how they're using this social platform for potential cyber-espionage and target critical infrastructure.

Read: https://thehackernews.com/2023/10/discord-playground-for-nation-state.html

D-Link confirms data breach. Low-sensitivity data exposed from an old system due to an employee falling for a phishing attack.

Find details here: https://thehackernews.com/2023/10/d-link-confirms-data-breach-employee.html

A vulnerability in Synology's DSM has been revealed, allowing attackers to remotely hijack admin accounts.

Learn how to safeguard your data: https://thehackernews.com/2023/10/new-admin-takeover-vulnerability.html

🤖 A sophisticated campaign known as TetrisPhantom is targeting APAC government entities, covertly harvesting sensitive data via secure USB drives.

Read: https://thehackernews.com/2023/10/tetrisphantom-cyber-espionage-via.html

Kaspersky links the mysterious APT actor to attacks on Russian entities.

💰 Financial data is a digital treasure trove, but it's also a prime target for cybercriminals. Join our cybersecurity webinar to learn how to secure your financial data and ensure compliance.

Reserve your spot now—it's free: https://thehackernews.com/2023/10/webinar-locking-down-financial-and.html

⚠️ New cyber threat: Discover how Qubitstrike, linked to Tunisia, targets Jupyter Notebooks for cryptocurrency mining and cloud breaches while also employing a sophisticated rootkit malware.

Learn more: https://thehackernews.com/2023/10/qubitstrike-targets-jupyter-notebooks.html

🔐 Explore 7 real-life attack paths and learn how to tackle them.

Ensure you don't miss out on crucial insights and the power of the Exposure Management Platform for protecting critical assets.

Read: https://thehackernews.com/2023/10/unraveling-real-life-attack-paths-key.html